macOS - Sophos Endpoint Protection - Real-time protection deactivated

Hello,

I have a Macbook Pro (2019 Intel) with macOS 14.6.1 (Build23G93) with Sophos Endpoint 2024.2.0.35 in Sophos Central.
On this endpoint, real-time protection is deactivated from time to time, without any influences.

So far, a scan or an update of the agent has solved the problem and I have received a message in the events that real-time protection has been reactivated. But a day later it is deactivated again. Reinstalling Sophos Endpoint did not solve the problem either. The default policies were used in Sophos Endpoint and no adjustments were made.

I would like to ask if anyone knows of similar behaviour and has a solution.

Many thanks in advance.
With kind regards
Patrice

Added tags
[edited by: GlennSen at 1:17 PM (GMT -7) on 3 Sep 2024]

0 Patrice Großkreuz 26 days ago

I would also like to ask if anyone knows the service at Macos that is responsible for real-time protection. I would like to restart/check whether it is running.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Qoosh 25 days ago in reply to Patrice Großkreuz
Hi Patrice,

Thanks for reaching out to the Sophos Community Forum.

When the system shows real-time protection deactivated, could you check the Sophos Endpoint Self Help tool on the device?

I am curious to find out what is displayed in the "Service" and "Prerequisites" tab. The Real-time protection status will change when the "Sophos Scan Extension" is experiencing issues.

I suggest trying to run the following command in the terminal as well to see if the system extension for Sophos shows anything other than "activated enabled"

sudo systemextensionsctl list
Kushal Lakhan

Team Lead, Global Community Support
Connect with Sophos Support, get alerted, and be informed.
If a post solves your question, please use the "Verify Answer" button.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel